Exemplo n.º 1
def app_remove(id=None):
	"""Confirm and carry out the removal of one app.

	GET renders 'apps.remove.html' with the app row, the number of license
	rows that reference it, and a fresh CSRF token. POST, once csrf_match()
	passes, deletes the 'apps' row and then the 'licenses' rows whose 'app'
	column equals this id. Every bail-out redirects to 'app_manage'.

	NOTE(review): the only access check visible here is get_login(); no
	per-app ownership check is made -- confirm that every logged-in user is
	meant to be able to delete any app.
	"""
	if not get_login():
		return requires_login()

	def back_to_list():
		# All early exits and the POST outcome land on the app list.
		return redirect(url_for('app_manage'))

	if id is None:
		return back_to_list()

	rows = pysql().where('id', id).get('apps')
	if len(rows) != 1:
		return back_to_list()

	if request.method != "POST":
		# Read-only path: show the confirmation page.
		record = rows[0]
		record['users'] = len(pysql().where('app', record['id']).get('licenses'))
		context = {
			"login": get_username(),
			"app": Struct(**record),
			"id": id,
			"csrf": csrf_make()
		}
		return render_template('apps.remove.html', **context)

	# State-changing path: the CSRF token is verified before anything is deleted.
	if not csrf_match():
		return csrf_bail('app_manage')

	# NOTE(review): id is passed to the logger as an extra positional argument
	# with no placeholder in the message. That only works if `logger` is a
	# print-style wrapper; a stdlib logging.Logger would fail to format the
	# record -- confirm which one this is.
	if not pysql().where('id', id).delete('apps'):
		logger.error("Unable to delete app", id)
		flash("Unable to delete app. Please try again.", 'error')
		return back_to_list()

	# The app row is already gone at this point. If the license delete fails,
	# those rows stay behind referencing a missing app and only a warning is
	# flashed.
	dependants = pysql().where('app', id).get('licenses')
	if len(dependants) > 0:
		if not pysql().where('app', id).delete('licenses'):
			logger.error("Unable to delete licenses for app", id)
			flash("Unable to delete licenses for app.", 'warning')

	logger.info("Successfully deleted app", id)
	flash("Successfully deleted app.", 'success')
	return back_to_list()
Exemplo n.º 2
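def key_remove(id=None):
	"""Confirm and carry out the removal of one license key.

	GET renders 'keys.remove.html' with the license row (app name resolved,
	'disabled' turned into "Yes"/"No", 'expires' formatted by
	util.expires_str) and a fresh CSRF token. POST, once csrf_match() passes,
	deletes the 'licenses' row. Every bail-out redirects to 'key_manage'.

	NOTE(review): the only access check visible here is get_login(); no
	per-license ownership check is made -- confirm that every logged-in user
	is meant to be able to delete any license.
	"""
	if not get_login():
		return requires_login()
	if id is None:
		return redirect(url_for('key_manage'))

	key = pysql().where('id', id).get('licenses')
	if len(key) != 1:
		return redirect(url_for('key_manage'))

	if request.method == "POST":
		# The CSRF token is verified before the row is deleted.
		if not csrf_match():
			return csrf_bail('key_manage')
		# NOTE(review): id is passed to the logger without a placeholder in
		# the message; confirm `logger` is a print-style wrapper rather than
		# a stdlib logging.Logger.
		if not pysql().where('id', id).delete('licenses'):
			logger.error("Unable to delete license", id)
			flash("Unable to delete license. Please try again.", 'error')
			return redirect(url_for('key_manage'))
		logger.info("Successfully deleted license", id)
		flash("Successfully deleted license.", 'success')
		return redirect(url_for('key_manage'))

	key = key[0] # Grab the dict.
	# A license can outlive its app: app_remove only flashes a warning when the
	# license delete fails, and key_manage already skips such rows. Indexing
	# [0] unconditionally raised IndexError here, so the confirmation page for
	# an orphaned license could not be rendered. Fall back to a placeholder.
	owner = pysql().where('id', key['app']).get('apps')
	key['app'] = owner[0]['name'] if len(owner) > 0 else "(unknown app)"
	key['disabled'] = "Yes" if key['disabled'] == 1 else "No"
	key['expires'] = util.expires_str(key['expires'])

	extra = {
		"login": get_username(),
		"key": Struct(**key),
		"id": id,
		"csrf": csrf_make()
	}
	return render_template('keys.remove.html', **extra)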
Exemplo n.º 3
def app_manage():
	"""Render the app list, each entry annotated with its license count.

	Requires a login. One extra 'licenses' query is issued per app row to
	fill in the 'users' field.
	"""
	if not get_login():
		return requires_login()

	def with_user_count(row):
		# 'users' is the number of license rows that reference this app.
		row['users'] = len(pysql().where('app', row['id']).get('licenses'))
		return Struct(**row)

	listing = [with_user_count(row) for row in pysql().get('apps')]
	return render_template('apps.manage.html', login=get_username(), apps=listing)
Exemplo n.º 4
def key_manage():
	"""Render the license list with app names and formatted expiry.

	Requires a login. Licenses whose 'app' id does not resolve to exactly one
	'apps' row are left out of the listing.
	"""
	if not get_login():
		return requires_login()

	visible = []
	for row in pysql().get('licenses'):
		owners = pysql().where('id', row['app']).get('apps')
		if len(owners) == 1:
			row['app_str'] = owners[0]['name']
			# presumably -1 marks an already-expired key (the flag is passed
			# as util.expires_str's third argument) -- confirm against util.
			is_minus_one = row['expires'] == -1
			row['expires'] = util.expires_str(row['expires'], row['id'], is_minus_one)
			visible.append(Struct(**row))
	return render_template('keys.manage.html', login=get_username(), keys=visible)
Exemplo n.º 5
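def app_add():
	"""Create a new app from the submitted form.

	GET renders 'apps.add.html' with the language list and a fresh CSRF
	token. POST requires the 'le-name', 'le-language', 'le-active' and
	'le-submit' fields and a matching CSRF token, validates name and language
	against an allow-list pattern, inserts the row and redirects to
	'app_edit' for the new id.
	"""
	if not get_login():
		return requires_login()

	if request.method == "POST":
		for le_part in ('le-name', 'le-language', 'le-active', 'le-submit'):
			if le_part not in request.form:
				return redirect(url_for('app_add'))
		if not csrf_match():
			return csrf_bail('app_add')
		import re
		le_name = request.form['le-name'][:64]
		# Anchor with \Z rather than $: in Python, $ also matches just before
		# a trailing newline, so "name\n" used to pass this allow-list.
		if not re.match(r'^[a-zA-Z0-9_\-]+\Z', le_name):
			flash("Sorry, app names can only include alphanumeric characters, dashes and underscores.", 'error')
			return redirect(url_for('app_add'))

		le_language = request.form['le-language'][:32]
		if le_language == "Other":
			# 'le-other-language' is not in the required-field list above, so
			# check for it here instead of indexing a key that may be absent.
			if 'le-other-language' not in request.form:
				return redirect(url_for('app_add'))
			le_language = request.form['le-other-language'][:32] # If they specify Other, grab le-other-language.
		# The pattern also allows '#', '+' and '.', which the message below
		# does not mention.
		if not re.match(r'^[a-zA-Z0-9_\-#+\.]+\Z', le_language):
			flash("Sorry, languages can only include alphanumeric characters, dashes and underscores.", 'error')
			return redirect(url_for('app_add'))
		le_active = 1 if request.form['le-active'] == "yes" else 0
		import time
		data = {
			"name": le_name,
			"language": le_language,
			"active": le_active,
			# The version is the creation time as a UNIX epoch timestamp.
			"version": int(time.time())
		}
		pysql_ = pysql()
		if not pysql_.insert('apps', data):
			logger.error("Unable to create new app.")
			flash("Something went wrong. Please try again.", 'error')
			return redirect(url_for('app_add'))
		flash('You just created this app. You can edit it here.', 'success')
		# NOTE(review): reads the wrapper's private _cursor attribute to get
		# the id of the row just inserted.
		return redirect(url_for('app_edit', id=pysql_._cursor.lastrowid))
	else:
		return render_template('apps.add.html', login=get_username(), languages=get_languages(), csrf=csrf_make())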
Exemplo n.º 6
def user():
	"""Return the username of the current API user.

	When zk.get_http_login() is truthy the name comes from the request's
	HTTP authorization data; otherwise zk.get_username() supplies it.

	NOTE(review): request.authorization is dereferenced without a None
	check; this presumably relies on get_http_login() being truthy only when
	authorization data is present -- confirm.
	"""
	if zk.get_http_login():
		return request.authorization.username
	return zk.get_username()
Exemplo n.º 7
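def app_edit(id=None):
	"""Show one app and apply a single-field update to it.

	GET renders 'apps.edit.html' for the app. POST carries 'le-type', one of
	'name', 'language', 'active' or 'version', and updates only that column
	after the CSRF token has been verified; the page is then re-rendered with
	the refreshed row.

	NOTE(review): the only access check visible here is get_login(); no
	per-app ownership check is made -- confirm that every logged-in user is
	meant to be able to edit any app.
	"""
	if not get_login():
		return requires_login()
	if id is None:
		return redirect(url_for('app_manage'))
	app = pysql().where('id', id).get('apps')
	if len(app) != 1:
		return redirect(url_for('app_manage'))

	def flash_wrong(id, error=""):
		# Log the detail server-side; the user only sees a generic warning.
		if error != "":
			error = "({0})".format(error)
		logger.error("Something went wrong updating app", id, error)
		flash("Something went wrong.", 'warning')
		return redirect(url_for('app_edit', id=id))

	if request.method == "POST":
		if 'le-type' not in request.form or 'le-submit' not in request.form:
			# type_ is not bound yet at this point; formatting it into the
			# message raised UnboundLocalError instead of redirecting.
			return flash_wrong(id, error="Missing type or submit form field.")
		if not csrf_match():
			return csrf_bail('app_edit', id=id)
		type_ = request.form['le-type']
		if type_ not in ('name', 'language', 'active', 'version'):
			# This is the one place an arbitrary client-supplied value reaches
			# the log; !r keeps control characters such as newlines escaped.
			return flash_wrong(id, error="Invalid type. ({0!r})".format(type_))

		if type_ == "name":
			if 'le-name' not in request.form:
				return flash_wrong(id, error="Missing name field ({0})".format(type_))
			name = request.form['le-name'][:64] # Trim if needed.
			# Validate `name` (the original tested an undefined `le_name`, so
			# this branch always raised NameError). \Z instead of $ so that a
			# trailing newline does not pass the allow-list.
			if not re.match(r'^[a-zA-Z0-9_\-]+\Z', name):
				flash("Sorry, app names can only include alphanumeric characters, dashes and underscores.", 'error')
				return redirect(url_for('app_edit', id=id))
			if not pysql().where('id', id).update('apps', {"name": name}):
				return flash_wrong(id, error="Unable to update app. ({0})".format(type_))
			app = pysql().where('id', id).get('apps')
			flash("Successfully updated app name.", 'success')

		elif type_ == "language":
			if 'le-language' not in request.form or 'le-other-language' not in request.form:
				return flash_wrong(id, error="Missing language field. ({0})".format(type_))
			language = request.form['le-language'][:32]
			if language == "Other":
				language = request.form['le-other-language'][:32] # Trim if needed.
			# The pattern also allows '#', '+' and '.', which the message
			# below does not mention.
			if not re.match(r'^[a-zA-Z0-9_\-#+\.]+\Z', language):
				flash("Sorry, languages can only include alphanumeric characters, dashes and underscores.", 'error')
				return redirect(url_for('app_edit', id=id))

			if not pysql().where('id', id).update('apps', {"language": language}):
				return flash_wrong(id, error="Unable to update app. ({0})".format(type_))
			app = pysql().where('id', id).get('apps')
			flash("Successfully updated app language.", 'success')

		elif type_ == "active":
			if 'le-active' not in request.form:
				return flash_wrong(id, error="Missing active field. ({0})".format(type_))
			active = 1 if request.form['le-active'] == "yes" else 0
			if not pysql().where('id', id).update('apps', {"active": active}):
				return flash_wrong(id, error="Unable to update app. ({0})".format(type_))
			app = pysql().where('id', id).get('apps')
			flash("Successfully updated app activity.", 'success')

		elif type_ == "version":
			import time
			# Versions are simply a UNIX epoch timestamp.
			# This allows checking if your version is ahead, behind, up-to-date, etc.
			if not pysql().where('id', id).update('apps', {"version": int(time.time())}):
				return flash_wrong(id)
			app = pysql().where('id', id).get('apps')
			flash("Successfully pushed app update.", 'success')

		logger.info("Successfully updated app", id)

	app = app[0] # Grab the dict.
	extra = {
		"login": get_username(),
		"app": Struct(**app),
		"id": id,
		"languages": get_languages(),
		# True when the stored language is one of the predefined choices.
		"def_language": app['language'] in get_languages(),
		"csrf": csrf_make()
	}
	return render_template('apps.edit.html', **extra)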
Exemplo n.º 8
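def key_add():
	"""Create a new license key from the submitted form.

	GET renders 'keys.add.html' with the id and name of every app and a fresh
	CSRF token. POST verifies the CSRF token, requires every expected form
	field, checks that 'le-app' names exactly one existing app, validates the
	username and (optional) email, inserts the license row and redirects to
	'key_edit' for the new id.
	"""
	if not get_login():
		return requires_login()

	if request.method == "POST":
		if not csrf_match():
			return csrf_bail('key_add')
		required = (
			'le-app', 'le-user', 'le-needs-hwid', 'le-active',
			'le-expires', 'le-expires-select', 'le-expires-years',
			'le-expires-months', 'le-expires-weeks', 'le-expires-days', 'le-expires-hours',
			'le-aban', 'le-submit', 'le-license-style', 'le-email',
		)
		for le_part in required:
			if le_part not in request.form:
				return redirect(url_for('key_add'))
		le_app = request.form['le-app']
		try:
			le_app = int(le_app)
		except ValueError:
			return redirect(url_for('key_add'))
		app = pysql().where('id', le_app).get('apps')
		if len(app) != 1:
			return redirect(url_for('key_add'))

		# Length caps match key_edit, which trims both fields to 64 characters.
		le_user = request.form['le-user'][:64]
		# Raw string so '\-' is not an invalid escape, and \Z instead of $ so
		# that a trailing newline does not pass the allow-list.
		if not re.match(r'^[a-zA-Z0-9_\-]+\Z', le_user):
			flash("Sorry, usernames can only include alphanumeric characters, dashes and underscores.", 'error')
			# key_add takes no id parameter; `id=id` here passed the builtin
			# id() function into url_for.
			return redirect(url_for('key_add'))
		le_email = request.form['le-email'][:64]
		if len(le_email) > 0 and not re.match(r'''^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*\Z''', le_email):
			flash("Sorry, that email isn't valid.", 'error')
			return redirect(url_for('key_add'))
		le_needs_hwid = 1 if request.form['le-needs-hwid'] == "yes" else 0
		le_disabled = 0 if request.form['le-active'] == "yes" else 1
		le_expires = 0
		if request.form['le-expires-select'] == "yes":
			# NOTE(review): the five duration fields go into the string as
			# submitted; any validation is left to util.timestamp_from_str --
			# confirm it rejects non-numeric parts.
			exp_str = '{0}y{1}m{2}w{3}d{4}h'.format(
					request.form['le-expires-years'],
					request.form['le-expires-months'],
					request.form['le-expires-weeks'],
					request.form['le-expires-days'],
					request.form['le-expires-hours']
				)
			le_expires = util.timestamp_from_str(exp_str)

		le_aban = 1 if request.form['le-aban'] == "yes" else 0

		# NOTE(review): 'le-license-style' is passed through unchecked; confirm
		# util.key_from_style handles unexpected style values.
		key = util.key_from_style(request.form['le-license-style'], app=app[0]['name'])
		data = {
			"app": le_app,
			"user": le_user,
			"email": le_email,
			"key": key,
			"needs_hwid": le_needs_hwid,
			"hwid": "",
			"disabled": le_disabled,
			"expires": le_expires,
			"aban": le_aban,
		}
		pysql_ = pysql()
		if not pysql_.insert('licenses', data):
			logger.error("Unable to add new key.")
			flash("Something went wrong. Please try again.", 'error')
			return redirect(url_for('key_add'))
		flash('You just created this key. You can edit it here.', 'success')
		# NOTE(review): reads the wrapper's private _cursor attribute to get
		# the id of the row just inserted.
		key_id = pysql_._cursor.lastrowid
		logger.info("Successfully created license", key_id)
		return redirect(url_for('key_edit', id=key_id))
	else:
		# Only id and name are handed to the template for the app picker.
		apps = []
		for app_ in pysql().get('apps'):
			app = {
				"id": app_['id'],
				"name": app_['name']
			}
			apps.append(Struct(**app))
		return render_template('keys.add.html', login=get_username(), apps=apps, csrf=csrf_make())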
Exemplo n.º 9
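def key_edit(id=None):
	"""Show one license and apply a single-field update to it.

	GET renders 'keys.edit.html' for the license. POST carries 'le-type', one
	of 'app', 'name', 'email', 'license', 'needs-hwid', 'hwid', 'disabled' or
	'expires', and updates only that column after the CSRF token has been
	verified; the page is then re-rendered with the refreshed row.

	NOTE(review): the only access check visible here is get_login(); no
	per-license ownership check is made -- confirm that every logged-in user
	is meant to be able to edit any license.
	"""
	if not get_login():
		return requires_login()
	if id is None:
		return redirect(url_for('key_manage'))
	key = pysql().where('id', id).get('licenses')
	if len(key) != 1:
		return redirect(url_for('key_manage'))

	def flash_wrong(id):
		# Log server-side; the user only sees a generic warning.
		logger.error("Something went wrong updating license", id)
		flash("Something went wrong.", 'warning')
		return redirect(url_for('key_edit', id=id))

	if request.method == "POST":
		if 'le-type' not in request.form or 'le-submit' not in request.form:
			return flash_wrong(id)
		if not csrf_match():
			return csrf_bail('key_edit', id=id)
		type_ = request.form['le-type']
		if type_ not in ('app', 'name', 'email', 'license',
						 'needs-hwid', 'hwid', 'disabled', 'expires'):
			return flash_wrong(id)

		if type_ == "app":
			if 'le-app' not in request.form:
				return flash_wrong(id)
			# key_add casts the submitted app id to int before querying; do
			# the same here so a non-numeric value never reaches the query.
			try:
				app_id = int(request.form['le-app'])
			except ValueError:
				return flash_wrong(id)
			app = pysql().where('id', app_id).get('apps')
			if len(app) != 1:
				return flash_wrong(id)
			app = app[0]
			# The id written is the one read back from the 'apps' row.
			if not pysql().where('id', id).update('licenses', {"app": app['id']}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully updated associated app.", 'success')

		elif type_ == "name":
			if 'le-name' not in request.form:
				return flash_wrong(id)
			name = request.form['le-name'][:64] # Trim if needed.
			# Raw string so '\-' is not an invalid escape, and \Z instead of $
			# so that a trailing newline does not pass the allow-list.
			if not re.match(r'^[a-zA-Z0-9_\-]+\Z', name):
				flash("Sorry, usernames can only include alphanumeric characters, dashes and underscores.", 'error')
				return redirect(url_for('key_edit', id=id))
			if not pysql().where('id', id).update('licenses', {"user": name}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully updated license username.", 'success')

		elif type_ == "email":
			if 'le-email' not in request.form:
				return flash_wrong(id)
			email = request.form['le-email'][:64] # Trim if needed.
			# An empty email is accepted; anything else must match the pattern.
			if len(email) > 0 and not re.match(r'''^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*\Z''', email):
				flash("Sorry, that email is not valid.", 'error')
				return redirect(url_for('key_edit', id=id))
			if not pysql().where('id', id).update('licenses', {"email": email}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully updated license email.", 'success')

		elif type_ == "license":
			# Renamed from `license`, which shadowed the builtin of that name.
			new_key = util.key_from_style()
			if not pysql().where('id', id).update('licenses', {"key": new_key}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully regenerated license key.", 'success')

		elif type_ == "needs-hwid":
			if 'le-needs-hwid' not in request.form:
				return flash_wrong(id)
			needs_hwid = 1 if request.form['le-needs-hwid'] == "yes" else 0
			if not pysql().where('id', id).update('licenses', {"needs_hwid": needs_hwid}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully updated license.", 'success')

		elif type_ == "hwid":
			# Resetting clears the stored hardware id.
			if not pysql().where('id', id).update('licenses', {"hwid": ""}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully reset HWID.", 'success')

		elif type_ == "disabled":
			if 'le-disabled' not in request.form:
				return flash_wrong(id)
			disabled = 1 if request.form['le-disabled'] == "yes" else 0
			if not pysql().where('id', id).update('licenses', {"disabled": disabled}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully {} key.".format('disabled' if disabled == 1 else 'enabled'), 'success')

		elif type_ == "expires":
			if 'le-expires-select' not in request.form:
				return flash_wrong(id)
			le_expires = 0
			if request.form['le-expires-select'] == "yes":
				# Only 'le-expires-select' was checked before; require the
				# duration fields too, like every other branch does for its
				# own inputs.
				for le_part in ('le-expires-years', 'le-expires-months',
								'le-expires-weeks', 'le-expires-days',
								'le-expires-hours'):
					if le_part not in request.form:
						return flash_wrong(id)
				# NOTE(review): the values go into the string as submitted;
				# any validation is left to util.timestamp_from_str -- confirm
				# it rejects non-numeric parts.
				exp_str = '{0}y{1}m{2}w{3}d{4}h'.format(
						request.form['le-expires-years'],
						request.form['le-expires-months'],
						request.form['le-expires-weeks'],
						request.form['le-expires-days'],
						request.form['le-expires-hours']
					)
				le_expires = util.timestamp_from_str(exp_str)
			if not pysql().where('id', id).update('licenses', {"expires": le_expires}):
				return flash_wrong(id)
			key = pysql().where('id', id).get('licenses')
			flash("Successfully updated expiration.", 'success')

		logger.info("Successfully updated license", id)

	key = key[0] # Grab the dict.
	apps = []
	for app in pysql().get('apps'):
		# Mark the app this license currently belongs to.
		app['selected'] = app['id'] == key['app']
		apps.append(Struct(**app))

	expires_dict = util.expires_dict(key['expires'])
	key['expires_'] = Struct(**expires_dict)
	extra = {
		"login": get_username(),
		"key": Struct(**key),
		"apps": apps,
		"id": id,
		"csrf": csrf_make()
	}
	return render_template('keys.edit.html', **extra)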